Author:

Abstract:

This thesis studies the topic of 'white-box cryptography' (WBC), wh ich focuses on software implementations of cryptographic primitives (suc h as encryption schemes). Traditionally, cryptographic primitives are de signed to protect data and keys against 'black-box' attacks. In suc h a context, an adversary has knowledge of the algorithm and may examine various inputs to and outputs from the system, but has no visibility on the internal details of the execution of a key instantiated primitive. In contrast, the goal of white-box implementations is to provide a degre e of robustness against attacks from the execution environment. In such an environment, an adversary has unrestricted access to the software imp lementation. The main part of this dissertation covers the security assessment of whi te-box implementations. This contribution is two-fold: we study practica l white-box techniques and perform a theoretical study. First, a study i s conducted on the practical white-box implementations of DES and AES en cryption algorithms, which includes their cryptanalysis. Subsequently, g eneric cryptanalysis results are described, which opens a discussion tow ards white-box design strategies. Since no formal definitions of white-box cryptography were presented bef ore and the proposed white-box implementations did not come with any pro of of security, we initiate a study towards a theoretical model for whit e-box cryptography. The study on formal models of obfuscation and provab le security leads to a definition where we capture the security requirem ents of WBC defined over some cryptographic scheme and a security notion . This new theoretical model provides a context to investigate the secur ity of white-box implementations, which leads to a number of positive an d negative possibility results. Considering the practical interest of research in WBC, we conclude with an overview of a selection of applications and related research fields t hat might benefit from and contribute to this research topic.